Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/085AFD3433A111EFB74A4D79762E951A.roa
File: 085AFD3433A111EFB74A4D79762E951A.roa (raw, json)
Hash identifier: ZqcPNUAaum0Q6P8xCMbpmYIToZNd9+9NS92R334CJIU=
Subject key identifier: C4:74:00:DF:C2:F0:09:48:28:9B:DA:2E:B5:AB:4C:1D:03:16:5A:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9587
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/085AFD3433A111EFB74A4D79762E951A.roa
Signing time: Wed 26 Jun 2024 09:47:00 +0000
ROA not before: Wed 26 Jun 2024 09:46:56 +0000
ROA not after: Mon 30 Dec 2024 09:46:56 +0000
asID: 984
IP address blocks: 45.205.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38279 (0x9587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 26 09:46:56 2024 GMT
Not After : Dec 30 09:46:56 2024 GMT
Subject: CN=667be393-65e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7b:8c:28:9c:17:db:4d:1d:69:1f:d0:29:19:
ef:bc:60:6b:32:d8:a9:e1:63:cc:3d:1e:91:88:cb:
ac:51:89:73:7d:a3:6f:12:3d:6b:c4:0e:33:87:51:
96:d1:46:de:f2:8a:bb:8c:a8:da:ce:88:90:e5:4c:
9b:05:14:3a:52:dd:37:1f:bb:94:cd:15:97:5f:c6:
f4:43:f3:9b:d7:ee:20:78:31:d9:de:ce:f3:ae:52:
d2:9e:f7:3e:88:5e:33:08:c4:39:9a:a0:00:a6:c0:
89:b4:79:47:75:1d:81:81:87:ff:89:b2:0f:de:3d:
d7:80:a6:c6:eb:7d:aa:ee:50:a6:59:3e:72:11:08:
36:fd:ea:e2:a9:ec:53:b4:cc:9f:56:e8:4e:3a:3c:
5b:34:b1:fa:a7:cc:40:da:45:b1:04:34:27:4c:8a:
b7:b4:51:59:f1:ac:63:5b:e9:40:36:b0:48:93:df:
14:1d:b5:58:d0:c1:53:77:ad:24:46:74:96:f6:e6:
70:e3:3c:ac:a6:9d:69:47:36:c3:32:5e:15:e6:9f:
cc:22:d9:0c:10:38:3e:22:1f:18:9e:af:ba:11:94:
78:ca:2a:3f:8f:7c:14:5c:52:8d:e5:08:30:af:6d:
52:69:a4:a6:a9:17:b2:b1:85:da:f6:73:38:e9:fa:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:74:00:DF:C2:F0:09:48:28:9B:DA:2E:B5:AB:4C:1D:03:16:5A:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/085AFD3433A111EFB74A4D79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.128.0/17
Signature Algorithm: sha256WithRSAEncryption
94:33:b7:5c:66:b3:05:9f:06:e1:ff:a2:2c:06:65:a8:1d:e8:
43:31:7a:9e:cc:27:95:3e:52:f2:7f:68:ef:e8:8a:93:f5:ce:
37:17:19:c0:35:b1:2f:3d:10:23:bc:62:c1:14:d1:15:60:6c:
af:86:c9:be:df:9a:34:de:a2:d6:39:22:25:4e:dd:48:5b:5e:
f8:4b:35:cf:c3:3d:cb:17:88:52:43:73:c3:3d:bb:95:9d:71:
eb:a1:58:6d:21:2d:fe:c8:ef:e6:91:f7:f9:44:bc:ee:ff:2f:
00:82:0d:c5:b8:de:05:bd:e7:71:1e:19:b3:05:96:71:fb:00:
ad:a4:23:1c:61:4c:48:41:b3:f4:87:c9:5e:18:68:9b:0a:4f:
75:1f:ee:ac:84:5d:85:a1:60:34:1e:ed:e0:ab:c6:53:be:bb:
ae:5c:dc:2e:95:ea:9c:ae:3f:84:6a:d7:99:13:a5:42:39:b7:
83:51:31:8c:dc:24:d2:af:aa:7b:b7:5a:99:b9:c6:01:94:32:
6f:b2:63:8f:3a:85:01:b7:23:cc:51:8e:ba:c9:b6:aa:6e:69:
43:65:ea:ad:00:c0:c1:34:7d:ac:51:55:dd:88:27:19:5d:bd:
c6:8b:76:d4:7d:ee:9b:4d:c1:69:8e:e4:81:1f:dc:55:f8:bc:
88:b0:e0:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJWHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjI2MDk0NjU2WhcNMjQxMjMwMDk0NjU2WjAYMRYw
FAYDVQQDEw02NjdiZTM5My02NWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnuMKJwX200daR/QKRnvvGBrMtip4WPMPR6RiMusUYlzfaNvEj1rxA4z
h1GW0Ube8oq7jKjazoiQ5UybBRQ6Ut03H7uUzRWXX8b0Q/Ob1+4geDHZ3s7zrlLS
nvc+iF4zCMQ5mqAApsCJtHlHdR2BgYf/ibIP3j3XgKbG632q7lCmWT5yEQg2/eri
qexTtMyfVuhOOjxbNLH6p8xA2kWxBDQnTIq3tFFZ8axjW+lANrBIk98UHbVY0MFT
d60kRnSW9uZw4zyspp1pRzbDMl4V5p/MItkMEDg+Ih8Ynq+6EZR4yio/j3wUXFKN
5Qgwr21SaaSmqReysYXa9nM46fqoMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMR0
AN/C8AlIKJvaLrWrTB0DFlpfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wODVBRkQzNDMzQTExMUVGQjc0QTRENzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHLc2AMA0GCSqGSIb3DQEBCwUA
A4IBAQCUM7dcZrMFnwbh/6IsBmWoHehDMXqezCeVPlLyf2jv6IqT9c43FxnANbEv
PRAjvGLBFNEVYGyvhsm+35o03qLWOSIlTt1IW174SzXPwz3LF4hSQ3PDPbuVnXHr
oVhtIS3+yO/mkff5RLzu/y8Agg3FuN4FvedxHhmzBZZx+wCtpCMcYUxIQbP0h8le
GGibCk91H+6shF2FoWA0Hu3gq8ZTvruuXNwuleqcrj+EateZE6VCObeDUTGM3CTS
r6p7t1qZucYBlDJvsmOPOoUBtyPMUY66ybaqbmlDZeqtAMDBNH2sUVXdiCcZXb3G
i3bUfe6bTcFpjuSBH9xV+LyIsOBi
-----END CERTIFICATE-----
Generated at Sat Sep 7 11:11:53 2024 by rpki-client on console-ams.rpki-client.org